972-424-6024

News

Get the Latest News and Press Releases

Mounting risks of Hackers taking over Financial accounts

Americans face mounting risk of hackers taking over brokerage accounts, regulators say

Ref: Account Takeover 2021 Annual Report: Prevalence, Awareness and Prevention – Security.org
The Financial Industry Regulatory Authority, the brokerage industry’s self-regulatory body, said in a recent notice that it has “received an increasing number of reports regarding customer account takeover incidents, which involve bad actors using compromised customer information, such as login credentials, to gain unauthorized entry to customers’ online brokerage accounts.”

Awareness of Account Takeovers
Nearly three-quarters of U.S. adults are aware of account takeovers, while 18 percent are unaware, and nine percent are unsure.


How Many People Have Had Account Takeovers?
According to security.org research, 22 percent of U.S. adults have had their accounts taken over. As there are 110 million internet-enabled households in the U.S., that means that approximately 24 million U.S. households have experienced account takeovers.


What Types of Accounts Were Taken Over?
Of the accounts taken over, the majority were social media accounts at 51 percent. Banking accounts comprised 32 percent of account takeovers, while email and messaging platforms comprised 26 percent. Moreover, research indicated that 80 percent of the accounts taken over were personal, while only 13 percent were business accounts only. Altogether, 93 percent of accounts taken over were personal accounts or a combination of business and personal accounts. Of the financial losses from account takeovers, over 80 percent of respondents recovered the funds, compared to 16 percent who were unable to recover the money.


How to Prevent Account Takeovers
Given the large increase in account takeovers throughout the global pandemic, the account takeover market is increasing with it. Business and personal internet users can lessen the likelihood of account takeovers by choosing strong passwords for their accounts and adding multi-factor authentication and security questions when available.
• Using different usernames and passwords for various accounts; DO NOT mix user names and passwords for Social media, email and Financial accounts or, better yet, a password manager, can help.
• Get suspicious login alerts if they’re available. Ask the companies you do business with to offer suspicious login alerting so that you can stop an account takeover before it becomes a massive headache.
• Add security questions or advanced authentication to accounts to prevent unauthorized access.
• Read this to understand various authentication options with their pros and cons. Two-Factor and Multi-Factor Authentication: How to Prevent Identity Theft – Security.org

Ransomware Makes News Again!

Everyone has now heard of ransomware, but to give a bit fuller background, this kind of malicious software is delivered into an information system—such as a computer or a database—and then renders all of the information inaccessible.

Continue Reading

Microsoft urges admins to patch on-prem Exchange Server installations immediately.

Microsoft claims that Hafnium targets companies in various sectors, including infectious disease researchers, law firms, higher education institutions, defense contractors, policy think tanks, and NGOs.
This attack is going to disproportionately impact those that can lest afford it (SMBs, Edu, States, Locals)..

How Can You Protect Yourself?

If you think you’re a victim of the Microsoft hack, you should immediately install the patches and reach out to security professionals, like ITRemedy, for an expert evaluation.
But even if you don’t use Microsoft Exchange Servers, there are a few steps you should always take to ensure your security.
First, make sure you create long, varied passwords, especially for sensitive accounts. Be aware of URLs, email addresses, and other general inconsistencies from ‘familiar services that may actually a phishing attempt. Enable two-factor authentication wherever you can.

And if you think you’ve been hacked, reach out to us immediately.

Dropper

A dropper is a small helper program that facilitates the delivery and installation of malware.

Spammers and other bad actors use droppers to circumvent the signatures that anti-virus programs use to block or quarantine malicious code. It’s much easier to change the dropper, should its signature become recognized, than it would be to rewrite the malicious code-base.

Droppers, like many of their larger Trojan horse counterparts, can be persistent or non-persistent. Non-persistent droppers install malware and then automatically remove themselves. Persistent droppers copy themselves to a hidden file and stay there until they complete the task they were created for.

Droppers can be spread many ways, including by:

  • Opening an infected e-mail attachment.
  • Picking up a drive-by download on an infected website.
  • Clicking a malicious link on a website or in an email.
  • Using an infected flash drive.

Sometimes droppers are bundled with free utility programs (such as ad blockers) to avoid detection. When the free program executes, the dropper will first download and install malware before it unpacks and installs the legitimate utility.

Get in touch today to protect your digital assets from evolving Cyber Threats!!

Covid 19 and Digital Technology

COVID 19 HAS GIVEN ONCE IN A GENERATION
OPPORTUNITY FOR SMALL BUSINESSES TO ADOPT DIGITAL TECHNOLOGY AND PERMANENTLY IMPROVE THEIR PRODUCTIVITY

Small businesses have shown very low levels of
technology adopt ion due to terrible experiences of implementing new technology in the past and bad experiences of service from large providers! !
Contact experts at ITRemedy to enable digital transformation in your organization! !
ITRemedy
555 Republic drive #307
Plano, Tx 75025
www. ITRemedy.net

Whatsapp

WhatsApp Messaging Will Now Be Full Of Fun; Here’s How

WhatsApp keeps making some changes from time to time to improve the messaging experience of its users. In this episode, the company has made some changes in its app. A lot of new emoji with many features have also come on WhatsApp platform. 

If you have not yet received new features or emoji, then update your WhatsApp immediately. WhatsApp has been testing these features in the beta version of its app for a long time. Now this feature has been rolled out for all the users in the stable app and the advanced search option is available to the users in their WhatsApp. At the same time, some users may have to wait a bit for this new feature in their device.

Threat Intelligence!!

Almost everything we own is connected to the internet, it’s time to take another look at cybersecurity. The nature of cybersecurity threats has changed since the early years of the web: cyber criminals are getting more sophisticated and less obvious. According to the Verizon Data Breach Investigations Report, in 2018, 74% of data breaches were caused by phishing attacks or fraudulent emails intended to get people to share sensitive information. And 83% of InfoSec professionals—the best of the best when it comes to cybersecurity—were victims of phishing attacks.

In general, threat intelligence refers to the information used by an organization to better understand past, current, and future threats. It provides the context necessary to make informed decisions about your network security, especially after an attack has occurred. Who is attacking you and why? How much damage could they do in your system? Where are your system vulnerabilities? The answers to these questions are essentially the building blocks to a disaster readiness plan.

apperteef_threat intelligence.png

In case my computer is infected, I will see it for sure!!

Don’t be so sure about that…………………

Yes, it used to be true, but it’s not anymore. In the past, when computers started to run slow and get annoying pop-ups all over the screen, it was a sure sign of infection.

Nowadays, cyber criminals radically improved their methods. They are more efficient and know how to disguise their attacks.

Malware is built to be undetectable and untraceable even by antivirus software, in order to retrieve the sensitive information needed by cyber criminals. It may be months before you even notice there’s something wrong!

Here’s what you can do: 

  1. install a good antivirus product and keep it updated
  2. Install a security program against  data stealing malware 
  3. Have a professional threat monitoring of your network and computers
  4. and have a Ransomware free backup!!

malware detection.png

Protect your data from insider threats

When it comes to protecting your Data and Network assets, Organizations continue to spend an exceptional amount of time and money to secure from external attacks; however, insider threats are becoming a key cause of data exposure. Based on survey from Small Businesses security experts have found that insider incidents account for more than 60 percent of all data breaches; however, many organizations don’t report insider attacks out of fear of business loss and damage to their reputation.  

Insider threats come in two forms. An authorized insider threat is someone who misuse their rights and privileges, either accidentally, deliberately or his credentials were stolen. An unauthorized insider is someone who has connected to the network behind the perimeter defenses. This could be someone who plugged into a jack in the lobby or a conference room, or someone who is using an unprotected wireless network connected to the internal network. Insider attacks can lead to data loss or downtime, so it is as important to monitor activity in your network as activity at the perimeter.  To have effective Network Security strategy, first, identify the main threats that your company currently faces. 

Historically, the data breaches that make the news are typically carried out by outsiders. Outsider threats are generally the threats that have been addressed with traditional security measures. It’s the threats that originate from inside that are much more difficult to prevent and detect using one-size-fits-all security measures.

internal vs. external risks_compact.png

Scroll to top